msticpy.context.azure package

Data provider sub-package.

Submodules

• msticpy.context.azure.azure_data module
  • AzureData
    • AzureData.connect()
    • AzureData.get_metrics()
    • AzureData.get_network_details()
    • AzureData.get_resource_details()
    • AzureData.get_resources()
    • AzureData.get_sentinel_workspaces()
    • AzureData.get_subscription_info()
    • AzureData.get_subscriptions()
    • AzureData.list_sentinel_workspaces()
  • InterfaceItems
    • InterfaceItems.app_sec_group
    • InterfaceItems.interface_id
    • InterfaceItems.private_ip
    • InterfaceItems.private_ip_allocation
    • InterfaceItems.public_ip
    • InterfaceItems.public_ip_allocation
    • InterfaceItems.subnet
    • InterfaceItems.subnet_nsg
    • InterfaceItems.subnet_route_table
  • Items
    • Items.identity
    • Items.kind
    • Items.location
    • Items.managed_by
    • Items.name
    • Items.plan
    • Items.properties
    • Items.resource_id
    • Items.resource_type
    • Items.sku
    • Items.state
    • Items.tags
  • NsgItems
    • NsgItems.action
    • NsgItems.description
    • NsgItems.direction
    • NsgItems.dst_addrs
    • NsgItems.dst_ports
    • NsgItems.protocol
    • NsgItems.rule_name
    • NsgItems.src_addrs
    • NsgItems.src_ports
  • get_api_headers()
  • get_token()
• msticpy.context.azure.sentinel_analytics module
  • SentinelAnalyticsMixin
    • SentinelAnalyticsMixin.base_url
    • SentinelAnalyticsMixin.check_connected()
    • SentinelAnalyticsMixin.cloud
    • SentinelAnalyticsMixin.compute_client
    • SentinelAnalyticsMixin.connect()
    • SentinelAnalyticsMixin.create_analytic_rule()
    • SentinelAnalyticsMixin.credentials
    • SentinelAnalyticsMixin.delete_analytic_rule()
    • SentinelAnalyticsMixin.endpoints
    • SentinelAnalyticsMixin.get_alert_rules()
    • SentinelAnalyticsMixin.get_analytic_rules()
    • SentinelAnalyticsMixin.get_metrics()
    • SentinelAnalyticsMixin.get_network_details()
    • SentinelAnalyticsMixin.get_resource_details()
    • SentinelAnalyticsMixin.get_resources()
    • SentinelAnalyticsMixin.get_sentinel_workspaces()
    • SentinelAnalyticsMixin.get_subscription_info()
    • SentinelAnalyticsMixin.get_subscriptions()
    • SentinelAnalyticsMixin.list_alert_rules()
    • SentinelAnalyticsMixin.list_analytic_rules()
    • SentinelAnalyticsMixin.list_analytic_templates()
    • SentinelAnalyticsMixin.list_sentinel_workspaces()
    • SentinelAnalyticsMixin.monitoring_client
    • SentinelAnalyticsMixin.network_client
    • SentinelAnalyticsMixin.resource_client
    • SentinelAnalyticsMixin.sent_urls
    • SentinelAnalyticsMixin.sub_client
    • SentinelAnalyticsMixin.url
  • SentinelHuntingMixin
    • SentinelHuntingMixin.base_url
    • SentinelHuntingMixin.check_connected()
    • SentinelHuntingMixin.cloud
    • SentinelHuntingMixin.compute_client
    • SentinelHuntingMixin.connect()
    • SentinelHuntingMixin.credentials
    • SentinelHuntingMixin.endpoints
    • SentinelHuntingMixin.get_hunting_queries()
    • SentinelHuntingMixin.get_metrics()
    • SentinelHuntingMixin.get_network_details()
    • SentinelHuntingMixin.get_resource_details()
    • SentinelHuntingMixin.get_resources()
    • SentinelHuntingMixin.get_sentinel_workspaces()
    • SentinelHuntingMixin.get_subscription_info()
    • SentinelHuntingMixin.get_subscriptions()
    • SentinelHuntingMixin.list_hunting_queries()
    • SentinelHuntingMixin.list_saved_queries()
    • SentinelHuntingMixin.list_sentinel_workspaces()
    • SentinelHuntingMixin.monitoring_client
    • SentinelHuntingMixin.network_client
    • SentinelHuntingMixin.resource_client
    • SentinelHuntingMixin.sent_urls
    • SentinelHuntingMixin.sub_client
    • SentinelHuntingMixin.url
• msticpy.context.azure.sentinel_bookmarks module
  • SentinelBookmarksMixin
    • SentinelBookmarksMixin.base_url
    • SentinelBookmarksMixin.check_connected()
    • SentinelBookmarksMixin.cloud
    • SentinelBookmarksMixin.compute_client
    • SentinelBookmarksMixin.connect()
    • SentinelBookmarksMixin.create_bookmark()
    • SentinelBookmarksMixin.credentials
    • SentinelBookmarksMixin.delete_bookmark()
    • SentinelBookmarksMixin.endpoints
    • SentinelBookmarksMixin.get_bookmarks()
    • SentinelBookmarksMixin.get_metrics()
    • SentinelBookmarksMixin.get_network_details()
    • SentinelBookmarksMixin.get_resource_details()
    • SentinelBookmarksMixin.get_resources()
    • SentinelBookmarksMixin.get_sentinel_workspaces()
    • SentinelBookmarksMixin.get_subscription_info()
    • SentinelBookmarksMixin.get_subscriptions()
    • SentinelBookmarksMixin.list_bookmarks()
    • SentinelBookmarksMixin.list_sentinel_workspaces()
    • SentinelBookmarksMixin.monitoring_client
    • SentinelBookmarksMixin.network_client
    • SentinelBookmarksMixin.resource_client
    • SentinelBookmarksMixin.sent_urls
    • SentinelBookmarksMixin.sub_client
    • SentinelBookmarksMixin.url
• msticpy.context.azure.sentinel_core module
  • AzureSentinel
  • MicrosoftSentinel
    • MicrosoftSentinel.add_bookmark_to_incident()
    • MicrosoftSentinel.add_tag()
    • MicrosoftSentinel.add_watchlist_item()
    • MicrosoftSentinel.base_url
    • MicrosoftSentinel.bulk_create_indicators()
    • MicrosoftSentinel.check_connected()
    • MicrosoftSentinel.check_search_status()
    • MicrosoftSentinel.cloud
    • MicrosoftSentinel.compute_client
    • MicrosoftSentinel.connect()
    • MicrosoftSentinel.create_analytic_rule()
    • MicrosoftSentinel.create_bookmark()
    • MicrosoftSentinel.create_dynamic_summary()
    • MicrosoftSentinel.create_incident()
    • MicrosoftSentinel.create_indicator()
    • MicrosoftSentinel.create_search()
    • MicrosoftSentinel.create_watchlist()
    • MicrosoftSentinel.credentials
    • MicrosoftSentinel.default_resource_group
    • MicrosoftSentinel.default_resource_id
    • MicrosoftSentinel.default_subscription_id
    • MicrosoftSentinel.default_workspace_name
    • MicrosoftSentinel.default_workspace_settings
    • MicrosoftSentinel.delete_analytic_rule()
    • MicrosoftSentinel.delete_bookmark()
    • MicrosoftSentinel.delete_dynamic_summary()
    • MicrosoftSentinel.delete_indicator()
    • MicrosoftSentinel.delete_search()
    • MicrosoftSentinel.delete_watchlist()
    • MicrosoftSentinel.delete_watchlist_item()
    • MicrosoftSentinel.df_to_dynamic_summaries()
    • MicrosoftSentinel.df_to_dynamic_summary()
    • MicrosoftSentinel.endpoints
    • MicrosoftSentinel.get_alert_rules()
    • MicrosoftSentinel.get_all_indicators()
    • MicrosoftSentinel.get_analytic_rules()
    • MicrosoftSentinel.get_bookmarks()
    • MicrosoftSentinel.get_dynamic_summary()
    • MicrosoftSentinel.get_entities()
    • MicrosoftSentinel.get_hunting_queries()
    • MicrosoftSentinel.get_incident()
    • MicrosoftSentinel.get_incident_alerts()
    • MicrosoftSentinel.get_incident_bookmarks()
    • MicrosoftSentinel.get_incident_comments()
    • MicrosoftSentinel.get_incidents()
    • MicrosoftSentinel.get_indicator()
    • MicrosoftSentinel.get_metrics()
    • MicrosoftSentinel.get_network_details()
    • MicrosoftSentinel.get_resource_details()
    • MicrosoftSentinel.get_resource_id_from_url()
    • MicrosoftSentinel.get_resources()
    • MicrosoftSentinel.get_sentinel_workspaces()
    • MicrosoftSentinel.get_subscription_info()
    • MicrosoftSentinel.get_subscriptions()
    • MicrosoftSentinel.get_ti_metrics()
    • MicrosoftSentinel.get_workspace_details_from_url()
    • MicrosoftSentinel.get_workspace_id()
    • MicrosoftSentinel.get_workspace_name()
    • MicrosoftSentinel.get_workspace_settings()
    • MicrosoftSentinel.get_workspace_settings_by_name()
    • MicrosoftSentinel.list_alert_rules()
    • MicrosoftSentinel.list_analytic_rules()
    • MicrosoftSentinel.list_analytic_templates()
    • MicrosoftSentinel.list_bookmarks()
    • MicrosoftSentinel.list_data_connectors()
    • MicrosoftSentinel.list_dynamic_summaries()
    • MicrosoftSentinel.list_hunting_queries()
    • MicrosoftSentinel.list_incidents()
    • MicrosoftSentinel.list_saved_queries()
    • MicrosoftSentinel.list_sentinel_workspaces()
    • MicrosoftSentinel.list_watchlist_items()
    • MicrosoftSentinel.list_watchlists()
    • MicrosoftSentinel.monitoring_client
    • MicrosoftSentinel.network_client
    • MicrosoftSentinel.new_dynamic_summary()
    • MicrosoftSentinel.post_comment()
    • MicrosoftSentinel.query_indicators()
    • MicrosoftSentinel.resource_client
    • MicrosoftSentinel.sent_urls
    • MicrosoftSentinel.set_default_subscription()
    • MicrosoftSentinel.set_default_workspace()
    • MicrosoftSentinel.sub_client
    • MicrosoftSentinel.update_dynamic_summary()
    • MicrosoftSentinel.update_incident()
    • MicrosoftSentinel.update_indicator()
    • MicrosoftSentinel.url
• msticpy.context.azure.sentinel_dynamic_summary module
  • SentinelDynamicSummaryMixin
    • SentinelDynamicSummaryMixin.base_url
    • SentinelDynamicSummaryMixin.check_connected()
    • SentinelDynamicSummaryMixin.cloud
    • SentinelDynamicSummaryMixin.compute_client
    • SentinelDynamicSummaryMixin.connect()
    • SentinelDynamicSummaryMixin.create_dynamic_summary()
    • SentinelDynamicSummaryMixin.credentials
    • SentinelDynamicSummaryMixin.delete_dynamic_summary()
    • SentinelDynamicSummaryMixin.df_to_dynamic_summaries()
    • SentinelDynamicSummaryMixin.df_to_dynamic_summary()
    • SentinelDynamicSummaryMixin.endpoints
    • SentinelDynamicSummaryMixin.get_dynamic_summary()
    • SentinelDynamicSummaryMixin.get_metrics()
    • SentinelDynamicSummaryMixin.get_network_details()
    • SentinelDynamicSummaryMixin.get_resource_details()
    • SentinelDynamicSummaryMixin.get_resources()
    • SentinelDynamicSummaryMixin.get_sentinel_workspaces()
    • SentinelDynamicSummaryMixin.get_subscription_info()
    • SentinelDynamicSummaryMixin.get_subscriptions()
    • SentinelDynamicSummaryMixin.list_dynamic_summaries()
    • SentinelDynamicSummaryMixin.list_sentinel_workspaces()
    • SentinelDynamicSummaryMixin.monitoring_client
    • SentinelDynamicSummaryMixin.network_client
    • SentinelDynamicSummaryMixin.new_dynamic_summary()
    • SentinelDynamicSummaryMixin.resource_client
    • SentinelDynamicSummaryMixin.sent_urls
    • SentinelDynamicSummaryMixin.sub_client
    • SentinelDynamicSummaryMixin.update_dynamic_summary()
    • SentinelDynamicSummaryMixin.url
  • SentinelQueryProvider
    • SentinelQueryProvider.get_dynamic_summaries()
    • SentinelQueryProvider.get_dynamic_summary()
• msticpy.context.azure.sentinel_dynamic_summary_types module
  • DynamicSummary
    • DynamicSummary.add_summary_items()
    • DynamicSummary.append_summary_items()
    • DynamicSummary.df_to_dynamic_summaries()
    • DynamicSummary.df_to_dynamic_summary()
    • DynamicSummary.fields
    • DynamicSummary.from_json()
    • DynamicSummary.new_dynamic_summary()
    • DynamicSummary.to_df()
    • DynamicSummary.to_json()
    • DynamicSummary.to_json_api()
  • DynamicSummaryItem
    • DynamicSummaryItem.event_time_utc
    • DynamicSummaryItem.fields
    • DynamicSummaryItem.observable_type
    • DynamicSummaryItem.observable_value
    • DynamicSummaryItem.packed_content
    • DynamicSummaryItem.relation_id
    • DynamicSummaryItem.relation_name
    • DynamicSummaryItem.search_key
    • DynamicSummaryItem.summary_item_id
    • DynamicSummaryItem.tactics
    • DynamicSummaryItem.techniques
    • DynamicSummaryItem.to_api_dict()
  • FieldList
  • df_to_dynamic_summaries()
  • df_to_dynamic_summary()
• msticpy.context.azure.sentinel_incidents module
  • SentinelIncidentsMixin
    • SentinelIncidentsMixin.add_bookmark_to_incident()
    • SentinelIncidentsMixin.base_url
    • SentinelIncidentsMixin.check_connected()
    • SentinelIncidentsMixin.cloud
    • SentinelIncidentsMixin.compute_client
    • SentinelIncidentsMixin.connect()
    • SentinelIncidentsMixin.create_bookmark()
    • SentinelIncidentsMixin.create_incident()
    • SentinelIncidentsMixin.credentials
    • SentinelIncidentsMixin.delete_bookmark()
    • SentinelIncidentsMixin.endpoints
    • SentinelIncidentsMixin.get_bookmarks()
    • SentinelIncidentsMixin.get_entities()
    • SentinelIncidentsMixin.get_incident()
    • SentinelIncidentsMixin.get_incident_alerts()
    • SentinelIncidentsMixin.get_incident_bookmarks()
    • SentinelIncidentsMixin.get_incident_comments()
    • SentinelIncidentsMixin.get_incidents()
    • SentinelIncidentsMixin.get_metrics()
    • SentinelIncidentsMixin.get_network_details()
    • SentinelIncidentsMixin.get_resource_details()
    • SentinelIncidentsMixin.get_resources()
    • SentinelIncidentsMixin.get_sentinel_workspaces()
    • SentinelIncidentsMixin.get_subscription_info()
    • SentinelIncidentsMixin.get_subscriptions()
    • SentinelIncidentsMixin.list_bookmarks()
    • SentinelIncidentsMixin.list_incidents()
    • SentinelIncidentsMixin.list_sentinel_workspaces()
    • SentinelIncidentsMixin.monitoring_client
    • SentinelIncidentsMixin.network_client
    • SentinelIncidentsMixin.post_comment()
    • SentinelIncidentsMixin.resource_client
    • SentinelIncidentsMixin.sent_urls
    • SentinelIncidentsMixin.sub_client
    • SentinelIncidentsMixin.update_incident()
    • SentinelIncidentsMixin.url
• msticpy.context.azure.sentinel_search module
  • SentinelSearchlistsMixin
    • SentinelSearchlistsMixin.base_url
    • SentinelSearchlistsMixin.check_connected()
    • SentinelSearchlistsMixin.check_search_status()
    • SentinelSearchlistsMixin.cloud
    • SentinelSearchlistsMixin.compute_client
    • SentinelSearchlistsMixin.connect()
    • SentinelSearchlistsMixin.create_search()
    • SentinelSearchlistsMixin.credentials
    • SentinelSearchlistsMixin.delete_search()
    • SentinelSearchlistsMixin.endpoints
    • SentinelSearchlistsMixin.get_metrics()
    • SentinelSearchlistsMixin.get_network_details()
    • SentinelSearchlistsMixin.get_resource_details()
    • SentinelSearchlistsMixin.get_resources()
    • SentinelSearchlistsMixin.get_sentinel_workspaces()
    • SentinelSearchlistsMixin.get_subscription_info()
    • SentinelSearchlistsMixin.get_subscriptions()
    • SentinelSearchlistsMixin.list_sentinel_workspaces()
    • SentinelSearchlistsMixin.monitoring_client
    • SentinelSearchlistsMixin.network_client
    • SentinelSearchlistsMixin.resource_client
    • SentinelSearchlistsMixin.sent_urls
    • SentinelSearchlistsMixin.sub_client
    • SentinelSearchlistsMixin.url
• msticpy.context.azure.sentinel_ti module
  • SentinelTIMixin
    • SentinelTIMixin.add_tag()
    • SentinelTIMixin.base_url
    • SentinelTIMixin.bulk_create_indicators()
    • SentinelTIMixin.check_connected()
    • SentinelTIMixin.cloud
    • SentinelTIMixin.compute_client
    • SentinelTIMixin.connect()
    • SentinelTIMixin.create_indicator()
    • SentinelTIMixin.credentials
    • SentinelTIMixin.delete_indicator()
    • SentinelTIMixin.endpoints
    • SentinelTIMixin.get_all_indicators()
    • SentinelTIMixin.get_indicator()
    • SentinelTIMixin.get_metrics()
    • SentinelTIMixin.get_network_details()
    • SentinelTIMixin.get_resource_details()
    • SentinelTIMixin.get_resources()
    • SentinelTIMixin.get_sentinel_workspaces()
    • SentinelTIMixin.get_subscription_info()
    • SentinelTIMixin.get_subscriptions()
    • SentinelTIMixin.get_ti_metrics()
    • SentinelTIMixin.list_sentinel_workspaces()
    • SentinelTIMixin.monitoring_client
    • SentinelTIMixin.network_client
    • SentinelTIMixin.query_indicators()
    • SentinelTIMixin.resource_client
    • SentinelTIMixin.sent_urls
    • SentinelTIMixin.sub_client
    • SentinelTIMixin.update_indicator()
    • SentinelTIMixin.url
• msticpy.context.azure.sentinel_utils module
  • SentinelInstanceDetails
    • SentinelInstanceDetails.from_resource_id()
    • SentinelInstanceDetails.resource_group
    • SentinelInstanceDetails.resource_id
    • SentinelInstanceDetails.subscription_id
    • SentinelInstanceDetails.workspace_name
  • SentinelUtilsMixin
    • SentinelUtilsMixin.base_url
    • SentinelUtilsMixin.check_connected()
    • SentinelUtilsMixin.cloud
    • SentinelUtilsMixin.compute_client
    • SentinelUtilsMixin.connect()
    • SentinelUtilsMixin.credentials
    • SentinelUtilsMixin.endpoints
    • SentinelUtilsMixin.get_metrics()
    • SentinelUtilsMixin.get_network_details()
    • SentinelUtilsMixin.get_resource_details()
    • SentinelUtilsMixin.get_resources()
    • SentinelUtilsMixin.get_sentinel_workspaces()
    • SentinelUtilsMixin.get_subscription_info()
    • SentinelUtilsMixin.get_subscriptions()
    • SentinelUtilsMixin.list_sentinel_workspaces()
    • SentinelUtilsMixin.monitoring_client
    • SentinelUtilsMixin.network_client
    • SentinelUtilsMixin.resource_client
    • SentinelUtilsMixin.sent_urls
    • SentinelUtilsMixin.sub_client
    • SentinelUtilsMixin.url
  • build_sentinel_resource_id()
  • extract_sentinel_response()
  • parse_resource_id()
  • validate_resource_id()
• msticpy.context.azure.sentinel_watchlists module
  • SentinelWatchlistsMixin
    • SentinelWatchlistsMixin.add_watchlist_item()
    • SentinelWatchlistsMixin.base_url
    • SentinelWatchlistsMixin.check_connected()
    • SentinelWatchlistsMixin.cloud
    • SentinelWatchlistsMixin.compute_client
    • SentinelWatchlistsMixin.connect()
    • SentinelWatchlistsMixin.create_watchlist()
    • SentinelWatchlistsMixin.credentials
    • SentinelWatchlistsMixin.delete_watchlist()
    • SentinelWatchlistsMixin.delete_watchlist_item()
    • SentinelWatchlistsMixin.endpoints
    • SentinelWatchlistsMixin.get_metrics()
    • SentinelWatchlistsMixin.get_network_details()
    • SentinelWatchlistsMixin.get_resource_details()
    • SentinelWatchlistsMixin.get_resources()
    • SentinelWatchlistsMixin.get_sentinel_workspaces()
    • SentinelWatchlistsMixin.get_subscription_info()
    • SentinelWatchlistsMixin.get_subscriptions()
    • SentinelWatchlistsMixin.list_sentinel_workspaces()
    • SentinelWatchlistsMixin.list_watchlist_items()
    • SentinelWatchlistsMixin.list_watchlists()
    • SentinelWatchlistsMixin.monitoring_client
    • SentinelWatchlistsMixin.network_client
    • SentinelWatchlistsMixin.resource_client
    • SentinelWatchlistsMixin.sent_urls
    • SentinelWatchlistsMixin.sub_client
    • SentinelWatchlistsMixin.url
• msticpy.context.azure.sentinel_workspaces module
  • ParsedUrlComponents
    • ParsedUrlComponents.domain
    • ParsedUrlComponents.raw_res_id
    • ParsedUrlComponents.res_components
    • ParsedUrlComponents.resource_id
    • ParsedUrlComponents.tenant_name
  • SentinelWorkspacesMixin
    • SentinelWorkspacesMixin.base_url
    • SentinelWorkspacesMixin.check_connected()
    • SentinelWorkspacesMixin.cloud
    • SentinelWorkspacesMixin.compute_client
    • SentinelWorkspacesMixin.connect()
    • SentinelWorkspacesMixin.credentials
    • SentinelWorkspacesMixin.endpoints
    • SentinelWorkspacesMixin.get_metrics()
    • SentinelWorkspacesMixin.get_network_details()
    • SentinelWorkspacesMixin.get_resource_details()
    • SentinelWorkspacesMixin.get_resource_id_from_url()
    • SentinelWorkspacesMixin.get_resources()
    • SentinelWorkspacesMixin.get_sentinel_workspaces()
    • SentinelWorkspacesMixin.get_subscription_info()
    • SentinelWorkspacesMixin.get_subscriptions()
    • SentinelWorkspacesMixin.get_workspace_details_from_url()
    • SentinelWorkspacesMixin.get_workspace_id()
    • SentinelWorkspacesMixin.get_workspace_name()
    • SentinelWorkspacesMixin.get_workspace_settings()
    • SentinelWorkspacesMixin.get_workspace_settings_by_name()
    • SentinelWorkspacesMixin.list_sentinel_workspaces()
    • SentinelWorkspacesMixin.monitoring_client
    • SentinelWorkspacesMixin.network_client
    • SentinelWorkspacesMixin.resource_client
    • SentinelWorkspacesMixin.sent_urls
    • SentinelWorkspacesMixin.sub_client
    • SentinelWorkspacesMixin.url